28 matches found
CVE-2017-15270
CVE-2017-15270 affects PSFTPd Windows FTP Server 10.0.4 Build 729. The vulnerability is due to improper escaping of data when writing to CSV logs, allowing an attacker to hide data in the GUI and add arbitrary log entries via special characters (e.g., ") and commas. Connected sources also referen...
CVE-2017-15272
CVE-2017-15272 concerns the PSFTPd Windows FTP Server (v10.0.4 Build 729). The server stores its configuration in PSFTPd.dat, an Access database that can be extracted. The data can be obtained even though the encrypt flag is set with the password “ITsILLEGAL,” because the password is not required...
CVE-2017-15271
PSFTPd Windows FTP Server is affected by CVE-2017-15271 in the SFTP component (PSFTPd 10.0.4 Build 729). The issue is a use-after-free triggered remotely before authentication, due to a race condition in window message handling during cleanup of invalid connections, leading to a NULL pointer dere...
CVE-2017-15269
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using "nmap -b" and allow performing scans via the FTP server...
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free Vulnerability
Exploit for windows platform in category dos / poc Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729 Confirmed Patched Versions: None Vendor: Sergei Pleis Softwareentwicklung...
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection Use-After-Free
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection Use-After-Free X41 D-Sec GmbH Security Advisory: X41-2017-006 Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729...
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free
X41 D-Sec GmbH Security Advisory: X41-2017-006 Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729 Confirmed Patched Versions: None Vendor: Sergei Pleis Softwareentwicklung Vend...
PSFTPd Windows FTP Server 10.0.4 Build 729 Use-After-Free / Log Injection
X41 D-Sec GmbH Security Advisory: X41-2017-006 Multiple Vulnerabilities in PSFTPd Windows FTP Server ===================================================== Overview -------- Confirmed Affected Versions: 10.0.4 Build 729 Confirmed Patched Versions: None Vendor: Sergei Pleis Softwareentwicklung Vend...